Critical Vulnerability Discovered in SGLang Allows Remote Code Execution

A severe security flaw in SGLang, identified as CVE-2026-5760, poses significant risks of remote code execution through malicious model files.
Cybersecurity, vulnerabilities and privacy

Vercel has disclosed a security breach that allowed unauthorized access to its internal systems, stemming from a compromise of the Context.ai tool used by its employees.

A recent report highlights that compromised service accounts and forgotten API keys were responsible for 68% of cloud breaches in 2024. A webinar aims to address the risks associated with unmanaged non-human identities.

A recent exploit targeting Chrome's V8 engine was created using Anthropic's Opus AI model, highlighting potential risks for users of affected applications.

Despite its claims of enhanced security, Google Chrome lacks adequate defenses against browser fingerprinting, a prevalent tracking method that poses significant privacy risks.

April's Patch Tuesday has introduced crucial updates to address significant vulnerabilities in products from Adobe, Fortinet, Microsoft, and SAP, highlighting the ongoing need for vigilance in software security.

A serious security flaw in nginx-ui, an open-source management tool for Nginx, has been disclosed and is currently being exploited. This vulnerability allows attackers to take control of Nginx servers without authentication.

0APT has issued threats against rival ransomware group Krybit, promising to expose their members unless demands are met. The motivations behind this unusual conflict remain unclear.

The Cybersecurity and Infrastructure Security Agency has identified four Microsoft vulnerabilities, including one dating back 14 years, that are being exploited by cybercriminals, particularly in ransomware attacks.

OpenAI has taken precautionary measures by revoking its macOS app certificate after a supply chain attack involving the Axios library. The company confirmed that no user data was compromised.